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CLAIMS 

1 . A method of generating a signature implemented over an elliptic curve public 
2 key encryption scheme utilizing information maintained secret in one computing device 

comprising the steps of: 

4 i) initiating the computation of a coordinate a point on the elliptic curve 

from a pair of other points on said curve by performing on said one device an initial set of 

6 sufficient steps in the computation to inhibit recognition of information pertaining to the 
identity of said other points; 

8 ii) transferring to another computing device remote from the one device 

the results of said steps; 

1 o iii) performing at least such additional steps in said computation at said 

other device to permit the completion of said computation at said one device; and 

1 2 iv) transferring the result of said additional steps to said one device for 

incorporation in said si gnature . 

2. A method according to claim 1 wherein said initial steps includes a field 
2 operation to combine information from each of said other points. 



3. A method according to claim 2 wherein said combined information is utilized 
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2 in said additional steps. 

4. A method according to claim 3 wherein said field operation includes the 

2 summation of the information representing one coordinate of each of said other points and 

the summation of the information representing the other coordinate of each of the other 
4 points. 

5. A method according to claim 1 wherein said additional steps complete said 
2 computation. 

6. A method according to claim 4 wherein said information representing the 
2 summation of said coordinates is transferred from said one device to said other device. 

7. A method according to claim 4 wherein said elliptic curve is over the finite 
2 field 2 m and represents said coordinates in a normal basis in said field. 

8. A method according to claim 7 wherein said additional steps includes 
2 cyclically shifting said information representing the summation of said coordinates. 

u 

9. A method according to claim 1 wherein said computation generates a single 
2 coordinate of said point, said single coordinates being utilized in said signing. 
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10. A method of deriving a coordinate of a point on an anomalous elliptic curve 
2 over the field GF2 m for utilization in a public key encryption scheme implemented on said 

curve, said method comprising the steps of: 
4 i) storing a normal basis representation of each of a set of coordinates of 

points on said curve; 

6 ii) retrieving said normal basis representation of a coordinate otone of 

said points; 

8 iii) performing an i-fold cyclic shift on said retrieved normal basis 

representation of said one coordinate; and 
1 0 iv) utilizing the resultant representation as a coordinate of a further point 

on the curve resulting from an i-fold application of the Frobenius Operation to said one point. 

11. A method according to claim 1 0 wherein each of said set of coordinates 

2 represents a point on the curve that is an integer multiple k, of a starting point P, and the i- 
fold application of the Frobenius Operation to said staring point P produces a new point 0T 

4 where 0T =X l ? ; 

said method including the step of determining the integer k' associated with 

6 said further point by computer kX 



L:\21 89\020CON\PATENT APPUCAT10N.DOC 



25 



12. A method of generating a session pair k,kP for use in a digital signature 

2 performed on an anomalous elliptic curve in the filed GF2 01 where kP is a point on said curve 

resulting from the k fold addition of a starting point P where k is an integer, said method 
4 comprising the steps of: 

i) storing a set of initial values of k and kP, as a normal basis 
6 representation in the field GF2 m ; 

ii) selecting a coordinate of one of said points kP in said set of initial 

8 values; 

iii) performing an i-fold cyclic shift on said coordinate to obtain a normal 
1 0 basis representation of the coordinate after an i-fold application of a Frobenius Operation; 

iv) selecting the integer k associated with said one of said points; 

1 2 v) computing an integer value X * k where X defines the relationship 

between the start point P and a point 0P and 0 indicates a Frobenius Operation; 

1 4 vi) utilizing the resultant representation of the coordinate and the value X l k 

as a session pair in a digital signature r,s where r is derived from the representation of a 

16 coordinate of a point on the curve and s is derived form the integer value associated with 
such point, the message to be signed and r. 

13. A method of generating signature components for use in a digital signature 
2 scheme, said signature components including private information and a public key derived 
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from said private information, said method comprising the steps of storing private 
4 information and related public key as an element in a set of such elements, cycling in a 

deterministic but unpredictable manner through said set to select at least one element of said 
6 set without repetition and utilizing said one element to derive a signature component in said 

digital signature scheme. 

14. A method according to claim 13 wherein a pair of said elements are selected 
2 from said set and said pair of elements combined to provide said signature components. 

15. A method according to claim 14 wherein said value selected pair of elements 
2 is operated upon to produce private information and a public key derived from said one 

element prior to combination with the other of said elements. 

16. A method according to claim 15 wherein a computation to combine said 

2 elements is initiated on one computing device and sufficient steps of said computation are 
performed on said one device to inhibit recognition of information in said elements and 

4 subsequent steps are performed on another computing device after transfer of a partially 
completed computation thereto. 

1 7. A method according to claim 14 wherein said pairs of elements are selected by 
2 generating a pair of indices indicating respective locations of said elements in said set. 
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18. A method according to claim 17 wherein said indices are obtained from an 
2 ordered array arranged to provide each possible combination of indices. 

19. A method according to claim 18 wherein said indices are selected from a 
2 counter that increments with each signature. 

20. A method according to claim 19 wherein output from said counter is modified 
2 to provide a non-sequential selection of said indices. 



